Collect resource logs from an Azure resource - Azure Monitor (2024)

FAQs

How do you access data collected by an Azure Monitor? ›

The Log Analytics user interface in the Azure portal helps you query the log data collected by Azure Monitor so that you can quickly retrieve, consolidate, and analyze collected data.

In conclusion, Azure Monitor and Log Analytics collectively offer a robust solution for monitoring Azure resources. While Azure Monitor provides a lot of features including aggregation of logs, real-time insights and performance metrics, Log Analytics allows advanced query capabilities and extensive log data analysis.

Application data

When you enable Application Insights for an application, it collects metrics and logs related to the performance and operation of the application and stores it in the same Azure Monitor data platform used by other data sources.

Azure resource logs are platform logs that provide insight into operations that were performed within an Azure resource. The content of resource logs varies by the Azure service and resource type. Resource logs aren't collected by default.

Other methods to retrieve activity log events

You can also access activity log events by using the following methods: Use the Get-AzLog cmdlet to retrieve the activity log from PowerShell. See Azure Monitor PowerShell samples. Use az monitor activity-log to retrieve the activity log from the CLI.

Azure Monitor Logs collects logs and performance data where they can be retrieved and analyzed in different ways by using log queries. You must create a Log Analytics workspace to collect log data. Use Log Analytics to analyze data from Azure Monitor Logs.

Data Collection can be qualitative or quantitative in nature. Qualitative data collection methods include surveys, interviews, focus groups, and observation. Quantitative data collection methods include surveys, questionnaires, and secondary data analysis.

Azure Monitor is enabled the moment you create a new Azure subscription, and activity log and platform metrics are automatically collected.

The Azure Monitor Log Analytics API response is a JSON string that contains an array of table objects. The tables property is an array of tables that represent the query result. Each table contains name , columns , and rows properties: The name property is the name of the table.

View resource group or subscription-level activity log insights. To view activity log insights at the resource group or subscription level: In the Azure portal, select Monitor > Workbooks. In the Insights section, select Activity Logs Insights.

What are the two main kinds of data Azure Monitor works with? ›

All data collected by Azure Monitor fits into one of two fundamental types: metrics and logs. Metrics are numerical values that describe some aspect of a system at a particular point in time. They are lightweight and capable of supporting near real-time scenarios.

Metrics are numerical values that are collected at regular intervals and describe some aspect of a system at a particular time. Azure Monitor Metrics is one half of the data platform that supports Azure Monitor. The other half is Azure Monitor Logs, which collects and organizes log and performance data.

Azure Monitor can collect data from different sources like applications, services it relies on, operating systems, and down to its own resource offerings. The data includes: Application monitoring data: This includes information about the performance of various applications on different platforms.

To enable application logging for Windows apps in the Azure portal, navigate to your app and select App Service logs. Select On for either Application Logging (Filesystem) or Application Logging (Blob), or both. The Filesystem option is for temporary debugging purposes, and turns itself off in 12 hours.

To view a near real time stream of application log files generated by your function running in Azure, you can connect to Application Insights and use Live Metrics Stream. Or, you can use the App Service platform built-in log streaming to view a stream of application log files.

Access log files

For more information, see Azure Storage Client Tools. For logs stored in the App Service file system, the easiest way to access the files is to download the ZIP file in the browser at: Linux/custom containers: https://<app-name>.scm.azurewebsites.net/api/logs/docker/zip.

All logs are stored in block blobs in a container named $logs , which is automatically created when Storage Analytics is enabled for a storage account. The $logs container is located in the blob namespace of the storage account, for example: http://<accountname>.blob.core.windows.net/$logs .